How to Remove Document Management Hurdles with X-Docs?
Mobile threat
1. Threat to Strategic Information Through
Open Mobile Platforms and solution(s).
by
K Neelakanta Sheshadri
2. The Threat(S)
●
Corporate snooping is now an established fact of life.
●
Ubiquitous, vulnerable and open platform phones
can turn the threat into a real menace.1
●
Android, iOs, etc. have vulnerabilities which pop out
every minute, added to this set is their use on GSM
networks.2
●
Every country and individual is concerned about
both state and non-state snoopers.
3.
4. First Response...
● Indian Army is establishing a full fledged Mobile Cellular
Communications System (MCCS) as part of its AWAN
plan. CDMA is the underlying platform.3 TCS has already
established IP based AWAN for Corps of Signals
(indigenous ?) .4
● Blackberry is the only widely known corporate level
secure mobile platform. And most users do not have
one.
●
Before the last Loksabha elections BJP hired Mobiliya
to prevent another snoop-gate.
5. ● Mobiliya is already approaching MoD for pushing
its Secure Phone a.k.a “Dark Phone”.
– The claims are that there are no indigenous contenders
and only Cyanogen US, Silent Circle – Spain and Cellrox –
Israel are its global contenders.
● Android is a big and thriving market, but the
underlying Linux layer and VMs continue to be the
same with inherent vulnerabilities.5
7. ● Mobilya's model of secure phone uses OS
differentiation. That is, packs two VMs in one
phone.
Device encryption, Applevel security, Native single sign on..etc
8. Current Scenario
●
Cellrox's virtualization is a clear compromise on processing cost per currency. (Sand-
boxing a sandbox on an OS).
● Mobiliya and Cyanogen just run two parallel sandboxes.
●
Both use ZRTP to prevent man in the middle attack, encrypted calls and messaging.
● Silent Circle is a service provider mostly restricted to Spain.
●
Almost every day vulnerabilities crop up in Virtual Machines.
● Provide no hardware depended unmodifiable code. Everything is software and multi-
vendor supported, includes any one with a valid gmail or facebook account.
●
Operate on GSM in India providing little or no encryption if at all.
● Availability of “ROOTED” OS Modifications from amateurs and threats from non-registered
applications.
●
All keep quiet on phone being stolen by professional device hackers.
9. The idea...
ASIC/FPGA based CDMA Hardware platform** CORE
FIRMWARE SWITCH LAYER
CORTEX BASED HIGH PERFORMANCE PLATFORM FOR VM *
10. Prospects of implementation
*Android being a de-facto accepted OS has to be
supported.
** The proposed hardware layer would have an
ASIC or FPGA core with CDMA, ZRTP and remote
self-destruct (multi erase and write) functionality.
11. Conclusion
● The above stated may be implemented on
platforms like Cyclone V type (FPGA+ARM) SoCs
later converted into ASIC -- reducing time to
market.
● One of the biggest advantages of this architecture
is that there is no compromise on processing or
security.
● Separation of strategic and personal layers of
communication.